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DETAILED ACTION 

1. Claims 1-12, 15-19, and 21-24 are presented for examination. 
Claims 13-14, 20, and 25-26 have been canceled. 

Claim Objections 

2. Claim 2 is objected to because of the following informalities: 

Claim 2 is recites the limitation "the at least one policy points" in lines 2-3. There 
is insufficient antecedent basis for this limitation in the claim. 
Appropriate correction is required. 



Claim Rejections - 35 USC § 102 

2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 



3. Claims 1, 2, 9-14, 16 and 17 are rejected under 35 U.S.C. 102(e) as being 
anticipated by Cooper et al. (hereafter, Cooper), US 2004/0039942 A1. 



Regarding claim 1 , Cooper teaches a method of analyzing policy rules defined 
for a subscriber and determining packet treatment (Fig. 1), the method comprising: 



Application/Control Number: 10/716,484 Page 3 

Art Unit: 2155 

retrieving definitions pertaining to policy rules for a subscriber (i.e., building a 
policy/definition involves in deciding policy domains, grouping network nodes into logical 
communities, and expressing rules about which communities of hosts can provide what 
services to which communities of hosts, page 8 paragraph [0165]). 

determining at least one policy point (i.e., policy domain or intranet) in a network 
for the subscriber based on the retrieved definitions (i.e., page 8 paragraphs [0170]- 
[017] and page 9 paragraph [0207]); 

determining the packet treatment at each of the at least one policy point (page 5 
paragraph [0095]); and 

outputting information corresponding to the packet treatment for each of the at 
least one policy point (page 10 paragraphs [0212]-[0213]). 

Regarding claim 2, Cooper teaches the method of claim 1 , further comprising: 
consolidating the determined packet treatment for each of the at least one policy 

points (i.e., the network behavior is directly analyzed based on direct observation of 

data traffic, page 22 paragraph [0362]); and 

displaying information representing the packet treatment through the network 

(page 81 paragraph [0458]). 

Regarding claim 9, Cooper teaches the method of claim 1 , further comprising: 
determining at least one injection point based on the at least one policy point 
(page 14 paragraph [0289]); 
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using at least one policy agent to inject packets at least one injection point ((page 
9 paragraphs [0190]-[0207]); 

collecting statistics from one of the at least one policy agent (page 4 TABLE A); 
consolidating and correlating the collected statistics (page 14, paragraph [0292]); 

and 

displaying results based on the consolidated and correlated statistics (page 16 
paragraphs [0325]-[0328]). 

Regarding claim 10, Cooper teaches one or more devices for analyzing packet 
treatment in a network, the one or more devices (Fig. 1) comprising: 

a user input/output interface configured to receive input from a user interface 
(page 5 paragraph [0100]) and to send output to the user interface (page 7 paragraphs 
[0151]-[0156]; 

database interface configured to access definitions in the database (page 5 
paragraphs [0089]-[0090]); 

a management server interface configured to request and receive information 
from a management server (page 24 TABLE M); 

a network interface configured to request and receive information from devices in 
the network (page 23 paragraph [0376]); and 

analyzer logic configured to analyze packet treatment based on policy rules 
defined or a subscriber (page 6 paragraphs [0127]-[0135]), 

wherein the analyzer logic is configured to: 
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determining one or more policy points in a network based on the defined policy rules 
(i.e., page 8 paragraphs [0170]-[017] and page 9 paragraph [0207]); * 

analyze packet treatment at each of the one or more policy points based on the 
defined policy rules (page 6 paragraphs [0128]-[0132]); and 

send analysis results via the user input/output interface (page 6 paragraph [0135] 
and page 81 paragraph [0459]). 

Regarding claim 1 1 , Cooper teaches the one or more devices of claim 10, further 
comprising an agent interface configured to send commands to at least one agent and 
to receive information from the at least one agent (page 9 paragraph [0188]-[0199]). 

Regarding claim 12, Cooper teaches the one or more devices of claim 10, 
wherein the analyzer logic is configured to user policy rule definitions defined for a 
subscriber when performing analysis (page 8 paragraphs [0178H0179]). 

Regarding claim 13, the one or more devices of claim 12, wherein the analyzer 
logic is further configured to: 

determining a policy point in a network based on the defined policy rules (page 8 
paragraph [0165]); 

analyzing packet treatment based on conditions and actions identified in the 
defined policy rules (page 6 paragraphs [0127]-[0135])' } and 
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send analysis results via the user input/output interface (page 5 paragraph 
[0092]). 

Regarding claim 14, Cooper teaches the one or more devices of claim 12, 
wherein the analyzer logic is configured to: 

determining one or more policy points in a network based on the defined policy 
rules (page 9 paragraphs [0203]-[0207]); and 

analyzing the packet treatment at each of the one or more policy points based on 
the defined policy rules (page 6 paragraphs [01 27J-[01 35]).. 

Regarding claim 16, Cooper teaches the one or more devices of claims 12, 
wherein the analyzer logic is further configured to analyze possible packet input on an 
interface and determine actions to be taken based on the defined policy rules (page 5 
paragraph [0095]). 

Regarding claim 17, Cooper teaches the one or more device of claim 1 1 , wherein 
the one or more devices are configured to command, via the agent interface, one or 
more agents to inject packets into a network (page 6 paragraph [0108]). 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 3-6, 15, 18, and 22 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cooper, in view of Haddock et al. (hereafter, Haddock), US 
6,678,248 B1. 

Regarding claim 1 8, Cooper teaches the one or more of claim 1 1 , further 
configured to: 

command, via the agent interface, one or more agent to inject packets into a 
network (page 6 paragraph [0108]; and 

collect statistics via the agent interface (page 6 paragraph [0131]). 

Cooper does not explicitly teach consolidate and correlate the collected statistics. 

Haddock teaches a flexible, policy-based, mechanism for managing, monitoring, 
and prioritizing traffic within a network (seen in abstract). Haddock teaches consolidate 
and correlate the collected statistics (col. 8 line 64-col. 9 line 29). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the teachings of Cooper to consolidate and correlate the 
collected statistics as taught by Haddock. One would be motivated to do so to allow 
multiple traffic groups to be mapped to a single QoS queue. 

Regarding claim 22, Cooper teaches the system of claim 19. 
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Cooper does not explicitly teach determine a plurality of traffic groups based on 
the ones of the policy rules and the service definitions defined for a subscriber. 

Haddock teaches a flexible, policy-based, mechanism for managing, monitoring, 
and prioritizing traffic within a network (seen in abstract). Haddock teaches determine a 
plurality of traffic groups based on the ones of the policy rules and the service 
definitions defined for a subscriber (col. 9 lines 31-52). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the teachings of Cooper to determine a plurality of traffic 
groups based on the ones of the policy rules and the service definitions defined for a 
subscriber as taught by Haddock. One would be motivated to do so to allow 
classification of traffic using the traffic group definitions defined in the QoS policy. 

Regarding claim 15, this claim recites limitation that is substantially the same as 
claim 22, same rationale of rejection is applicable. 

Regarding claim 3, Cooper-Haddock teaches the method of claim 1, wherein the 
determining the packet treatment comprising assigning traffic to traffic groups based on 
ones of the policy rules that are in effect (Haddock, col. Col. 5 lines 36-55). 

Regarding claim 4, Cooper-Haddock teaches the method of claim 3, wherein 
traffic assigned to one of the traffic groups satisfies a same one or more policy rule 
conditions (Haddock, col. 5 lines 16-55). 
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Regarding claim 5, Cooper-Haddock teaches the method of claim 3, wherein the 
determining the packet treatment further comprising: 

determining which one of the policy rules have conditions satisfied by packet 
input (Cooper, page 23 paragraphs [0374]-[0380]); and 

determining which of the policy rules that have conditions satisfied by the packet 
input are eclipsed (Haddock, col. 8 line 64-col. 9 line 29). 

Regarding claim 6, Cooper-Haddock teaches the method of claim 5, wherein the 
determining which of the policy rules that are eclipsed is based n eclipsing rules defined 
for a router (Haddock, col. 8 line 64-col. 9 line 29). 

6. Claims 7-8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Cooper, in view of Westerinen et al. (hereafter, Westerinen), US 6,1 19,185. 

Regarding claim 7, Cooper teaches the method of claim 1 , wherein the 
determining the packet treatment comprises: 

obtaining a list of policy rules defined for a direction of an interface (page 16 
paragraphs [0339]-[0340]); 

sorting the list of policy rules based on a precedence defined for each of the 
policy rules (page 17 paragraph [0341]); and 

For each of the sorted policy rules: 
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determining whether a condition of each one of the sorted policy rules is 
satisfied by a possible packet input (page 17 paragraph [0345]); 

for each of the conditions that are satisfied by the possible packet input, 
adding the corresponding policy rule to an "in effect" list of the policy rules (page 17 
paragraph [0345]); 

For each of the conditions that are not satisfied by the possible packet 
input, adding the corresponding policy rule to an "ignore" list of the policy rules (page 17 
paragraph [0345]). 

Cooper does not explicitly teach determining which ones of the policy rules from 
the "in effect" list are eclipsed and moving ones of the policy rules that are eclipsed to 
an "eclipsed" list of the policy rules. 

Westerinen teaches determining which ones of the policy rules from the "in 
effect" list are eclipsed and moving ones of the policy rules that are eclipsed to an 
"eclipsed" list of the policy rules (col. 3 line 66-col. 6 line 25). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to incorporate the eclipse rules as taught by Westerinen into 
Cooper's system. One would be motivated to do so to achieve enhanced performance 
and to minimize conflict (Westerinen, col. 1 lines 51-52). 

Regarding claim 8, Cooper teaches the method of claim 7, further comprising 
performing, for each of the sorted policy rules, determining which ones of the policy 
rules from the "in effect" list can be combined and rearranging an order of the sorted "in 
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effect" list of the policy rules based on a definition of permissible combined actions 
(page 17 paragraph [0345]). 

7. Claims 19, 21, 23, and 24 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cooper, in view of Piesco, US 2003/0212908 A1. 

Regarding claim 19, Cooper teaches a system for analyzing packet treatment in 
a network (Fig. 1), the system comprising: 

a management server configured to load policy rules and service definitions to a 
router when a subscriber session is established (page 6 paragraph [0129]); 

a database including definitions of policy rules, the service definitions, and a 
network configuration, the database being configured to be accessible by the 
management server (page 5 paragraphs [0089]-[0090]); 

a policy analyzer configured to analyze packet treatment based on ones of the 
policy rules and the service definitions defined for a subscriber, the policy analyzer 
being configured to access the management server and the database (page 6 
paragraphs [0127]-[0135]); and 

user input/out interface configured to provide input to the policy analyzer and 
receive analysis results from the policy analyzer (page 5 paragraph [0092]). 

Cooper does not explicitly teach a policy analyzer configured to receive 
commands from the policy analyzer to inject packets into a network at an injection point. 
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Piesco teaches method and system for simulating computer network to facilitate 
testing of computer network security (seen in abstract). Piesco teaches a policy 
analyzer configured to receive commands from the policy analyzer to inject packets into 
a network at an injection point (page 2 paragraph [0019]). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the teachings of Cooper to receive commands from the 
policy analyzer to inject packets into a network at an injection point as taught by Piesco. 
One would be motivated to do so to provide an improved method and system for 
simulating a computer network in order to facilitate the testing of computer network 
security (Piesco, page 1 paragraph [0007]). 

Regarding claim 21, Cooper teaches the system of claim 19, further comprising a 
policy analyzer agent configured to collect statistics regarding traffic injected at an 
injection point and to send the collected statistics to the policy analyzer (page 9 
paragraphs [0190]-[0207]). 

Regarding claim 23, Cooper teaches one or more network devices, comprising: 
an analyzer interface configured to receive command from a policy analyzer and 

send information to the policy analyzer (page 7 paragraph [0147]); and 

statistics module configured to collect statistics of the injected traffic, the statistics 

module being further configured to send the collected statistics to a policy analyzer via 

the analyzer interface (page 7 paragraph [0138]). 
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Cooper does not explicitly teach an injector for injecting traffic into a network 
upon receiving a command from the policy analyzer via the analyzer interface. 

Piesco teaches an injector for injecting traffic into a network upon receiving a 
command from the policy analyzer via the analyzer interface (page 2 paragraph [0019]). 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention was made to modify the teachings of Cooper to inject traffic into a network 
upon receiving a command from the policy analyzer via the analyzer interface as taught 
by Piesco. One would be motivated to do so to provide an improved method and system 
for simulating a computer network in order to facilitate the testing of computer network 
security (Piesco, page 1 paragraph [0007]). 

Regarding claim 24, Cooper teaches the one or more device of claim 23, wherein 
the one or more network devices include a router (page 4 TABLE 1), 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Oanh Duong whose telephone number is (571) 272- 
3983. The examiner can normally be reached on Monday- Friday, 9:30PM - 6:00PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Saleh Najjar can be reached on (571) 272-4006. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




